IEEE

Improving Java Deserialization Gadget Chain Mining via Overriding-Guided Object Generation

Abstract: Java (de)serialization is prone to causing security-critical vulnerabilities that attackers can invoke existing methods (gadgets) on the application's classpath to construct a gadget chain ...
TheServerSide

ObjectOutputStream example: A Java object serialization tutorial

Community driven content discussing all aspects of software development from DevOps to design patterns. In this Java serialization example, we will use both the ObjectOutputStream and the ...
CSOonline

Big hole in big data: Critical deserialization bug in Apache Parquet allows RCE

A flaw in code for handling Parquet, Apache’s open-source columnar data file format, allows attackers to run arbitrary code on vulnerable instances. The vulnerability, tracked as CVE-2025-30065, is a ...
LinkedIn

Modern Serialization Strategies in Java: Alternatives to Java Object Serialization

Serialization is a core concept in Java that allows objects to be converted into a format suitable for storage or transmission and later reconstructed. While Java’s built-in serialization mechanism ...
LinkedIn

Advanced Kafka Producer in Java: JSON Serialization, Compression, and Asynchronous Delivery

When dealing with high-throughput messaging systems, it’s essential to configure your Kafka Producer for both performance and usability. This guide will show you how to produce JSON objects to Apache ...
IEEE

Towards Improving the Performance of Comment Generation Models by Using Bytecode Information

Abstract: Code comment plays an important role in program understanding, and a large number of automatic comment generation methods have been proposed in recent years. To get a better effect of ...
The Hacker News

Apache MINA CVE-2024-52046: CVSS 10.0 Flaw Enables RCE via Unsafe Serialization

The Apache Software Foundation (ASF) has released patches to address a maximum severity vulnerability in the MINA Java network application framework that could result in remote code execution under ...
InfoWorld

How to use Java generics to avoid ClassCastExceptions

Using generics results in more robust code and avoids ClassCastExceptions in your Java programs. This in-depth tutorial introduces you to generics and their types and methods. Generics are used in ...
The Hacker News

Critical Apache Avro SDK Flaw Allows Remote Code Execution in Java Applications

A critical security flaw has been disclosed in the Apache Avro Java Software Development Kit (SDK) that, if successfully exploited, could allow the execution of arbitrary code on susceptible instances ...
TechRepublic

The 6 Best Software Testing Courses Worth Taking

Today’s best software testing courses offer hands-on experience with unit testing, static analysis, automating functional tests and more. Software testing is crucial for businesses with any kind of ...
GitHub

Java-Deserialization-Cheat-Sheet

Click1 @artsploit click-nodeps:2.3.0, javax.servlet-api:3.1.0 Clojure @JackOfMostTrades clojure:1.8.0 CommonsBeanutils1 @frohoff commons-beanutils:1.9.2, commons-collections:3.1, commons-logging:1.2 ...